Overview In my previous blog post HERE I deployed VMware Antrea IDS and demonstrated how VMware IDS can secure pods running Antrea as CNI against malicious attacks, and although the feature is in tech preview it is very promising to see that VMware is committed to the vision of bringing Tanzu/Kubernetes security as an integral […]
Overview With the release of NSX 4.0.0.1 and VMware Antrea 1.5.0 came a very interesting announcement that you can now secure Antrea containers integrated with NSX using NSX IDPS i.e. leveraging threat prevention sigantures and capabilities to secure your containerised workloads. This feature is however is tech preview only at the moment, which means it is not […]
Overview N-VDS (or NSX Virtual Distributed Switch) was introduced with the release of NSX-T, and its main function was to provide the host with NSX data plane for handling NSX managed traffic (VMs which are connected to NSX segments and handled by NSX policies). This meant that for every NSX enabled host, administrators had to […]
Overview NSX Application Platform (NAPP) was introduced by VMware with the release of NSX 3.2, as the underlying platform for running various NSX features such as NSX Intelligence, Network Detection and Response (NDR) and Malware detection. NAPP components and the mentioned features do not run as OVAs anymore but in containers, this matches the whole […]
In part two in this blog post series, we will be integrating our kubernetes cluster which is running Antrea as CNI with NSX and will be using NSX to configure centralised security policies for container workloads running on our kubernetes cluster. Lab Inventory For software versions I used the following: VMware ESXi 7.0.2.17867351 vCenter server […]
In this two parts blog post I am going to demonstrate how to setup kubernetes clusters using VMware Antrea CNI (Container Network Interface) and using NSX 3.2.x as centralised security policy manager for pods workloads running on a kubernetes cluster. In part one, I am going to introduce to fundamentals of kubernetes and kubernetes cluster […]
Although vSphere with K8s with NSX-T networking have been around for a while, it is after the release of NSX Application Platform (NAPP) in NSX-T 3.2 useful to revisit how we can configure and deploy vSphere K8s as a pre-requisite for NAPP. During this lab I came across many interesting and challenging issues in the […]
In this blog Post I demoed a vSphere K8s deployment on top of NSX-T networking. As a follow up, in this blog post I will be showcasing setting up Namespaces and Pods to eventually set up a containerised Nginx webserver. Once the workload management configuration process is finalised, we can start creating Namespaces by clocking […]
NSX-T 3.2 was released on the 16th of December 2021 with a lot of new features focusing o Gateway security, ease of NSX adoption in brownfields and a lot of new operational and performance enhancement. On this blog post I am covering how NSX-T 3.2 can be utilised to secure workloads which are not connected […]
With the release of NSX-T 3.2.0.1 customers can now upgrade to this version safely. This release came to mitigate some upgrade issues which prevented brownfield NSX-T customers in upgrading to NSX-T 3.2.VMware has offered a upgrade evaluation tool which runs and check the current NSX-T deployment and evaluates the upgrade process to NSX-T 3.2.0.1 and […]
